Client time restriction
Freshman Member
All Replies
-
Yes you can set time limits to given IP's to go out for internet.
Best way to go about this is the USG40 is current set to allow all so you want to set block times like say 00:00 to 06:00 by going to Setting > object > schedule use recurring.
When you login to the dashboard click DHCP table and click the reserve box for the given devices and make a note of the IP's. Go to settings > interface Ethernet tab and edit LAN1 and check Enable IP/MAC Binding
Then go to settings > object address/Geo IP and add the IP's from the DHCP as host make a address group as block IP list and import the IP's
Now your ready to go to settings > security policy > policy control and click add make the rule as from LAN1 to WAN source block IP list and select the schedule set action to block.
0 -
Hello Peter,Wow man! This could i have never figure out. So many steps! Well i will give a try and come back and update.Thank you for Your help!0
-
Hello Peter,This seems to be working. Thanks a lot!I was also wondering about social networking apps lik whatsapp, facebook etc and if it is possible to block it not general but given "ip:s" or client only.Please do let me know. Thank You once again for a quick help!Azad0
-
Hello Peter,It seems to blocking all the time. I actually want to block timewize. Like some couple of hors a day. Like from 8PM to 6AP etc. How to change that?0
-
Hello again,I think i got it. I need to create a "Create Schedule Object"0
-
yes you need to make a to Schedule Object and set a Schedule to the firewall rule.0
-
The control whatsapp, facebook etc you need to Activate IDP/AppPatrol Signature Service
go to settings > object > application
add name add for Social networks (search) and check Facebook (Access) and Facebook (Authentication) ok add for Instant messengers (search) and check WhatsApp (Authentication) and WhatsApp (Access) ok.
Go to settings > App patrol
add name add application you made action drop ok
Go to settings > security policy > policy control and click add make the rule with action to allow (which seems odd but the UTM Profile application you made above is dropped) check under UTM Profile application patrol and select your rule and ok.
0 -
Hello Robert,Thanks again.Yes I thought so, but as per now I do not have any subscription for the IDP. I was wondering if it could anyway go around like puting in lins/ports etc for the specific traffic or just simply use dns or cisco umbrela.0
-
when scheduling times it works but the scheduled policy does not seen after creating it. Where can it been seen if i want to edit and reschedule it instead of creating new every time?
0 -
You have to activate IDP/AppPatrol signature service first, so the function can be operated.
To modify the existing schedule, Go to object> schedule>select the profile then edit it0
Guru Member
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight
